Guide to Removing Referrer Spam and Fake Traffic in Google Analytics
by Mike Khorev
Most online marketers and website owners use Google Analytics to track visitors, time on the site, pages visits and how users they interact with the website (form submissions, video plays, newsletter subscription, e-commerce tracking). In 2015 many webmasters started noticing suspicious referral traffic on their dashboards that was coming from a bunch of domains offering unethical services or redirecting users to affiliate websites. Spammers and black hat SEOs used this method to add their domain to your analytics and reports to make you wonder and possibly check the referer domain for answers “Why there 100 visits from lifehacĸer.com?”. Soon you will realize that you’ve been tricked and your metrics on Google Anlytics have been messed up, average time on the site, page visits, conversion rate, and other stats will now show inaccurate data because of 100 visits with 0s time on the site and 1 page visited.
How Big is the Problem?
Pretty big. Some webmasters report that fake refer traffic can be accountable for 50% of overall traffic which means it can make you A/B tests, conversion optimization and other marketing campaigns useless if you rely on Analytics data to make decisions. Even if you remove obvious fake traffic, spammers nowadays are spoofing real websites like reddit.com and twitter.com, addons.mozilla.org and languages. They are getting smarter by adding real metrics to referrer domains – 2 minutes on the site and 4 pages per session, good luck figuring out if it’s real or not (it’s not real 🙂 . There is a way to remove generated fake traffic from legitimate websites with UTMs and id tracking but it will always require additional work and you need to regulary check analytics. The biggest offenders in referrer spam are:
also these have been reported by some webmasters:
- social-buttons-aa.xyz / referral
- boltalko.xyz / referral
- free-video-tool.com / referral
- scanner-jess.top / referral
- buketeg.xyz / referral
- scanner-jane.top / referral
- begalka.xyz / referral
- bezlimitko.xyz / referral
- bukleteg.xyz / referral
- arendovalka.xyz / referral
- compliance-don.top / referral
- scanner-fred.top / referral
- scanner-john.top / referral
- scanner-mary.top / referral
- scanner-irvin.top / referral
- scanner-walter.top / referral
- abcdefh.xyz / referral
When you see referral traffic from this particular domains in your Analytics, there is a 99% certainty that this is fake traffic. Do not try to visit sites, unless you have an up to date browser and antivirus software.
How Are Spammers Doing it?
A while ago Google mentioned the Measurement protocol that provides this interface where servers can interact with Google Analytics directly without going through the old intermediaries. In as much as this capability was achievable before, it had not been documented. Their main intention was to give different companies the capability to connect their systems to Google Analytics and collect data that accompanies this data while offline. This can also be done by web surfers. Some of the systems which operate on this protocol are POS systems, phone tracking solutions, CRM systems and phone-tracking solutions.
Throughout this entire process there is no way of authenticating it, as anyone with internet access can send out hits to your website. As long as they have information on your UA-ID they are all set. Spammers use this a great deal in corrupting peoples data.
The spammers can forge everything relating to these interactions. This includes the host name, accompanying referrer data, campaign tracking data and much more. Am sure by now you have a vivid idea of all that is entailed during the measurement protocol.
When you a take a look at the Google Analytics’ help forum you notice many complaints on referrer spam. Many webmasters across the globe are wondering how best they can put a lid to this problem. Marketers who are directly affected by it are angered by the false and skewed reports where their data turns out to be falsified hence irrelevant. Sadly, web spam looks like a problem that is here to stay irrespective of what guise it takes up. There are a few measures that try to prevent, minimize or stop them from interfering with your reporting.
Commonly Proposed Methods That Do Not Fix Referrer Spam
We now have a clear idea of how referrer spam comes about so we can briefly go over some of the top suggestions proposed on several forums and blogs on how to fix them. I shall explain further why they do not work.
· By using the keyword “Referrer” to conduct a Google Analytics filter so that you can lock out traffic from some of these referrers. By doing this you are only setting the campaign source field and not the referrer field, based on that argument alone, it will not work.
· Do a Google Analytics filter review which only accepts the traffic that originates from your host name. This will not be successful as they can easily set the host name to resemble your own. Spammers can easily fake a host name.
· Those using Universal Analytics are advised to exclude traffic originating from a “Referrer exclusion list”. Referrer exclusion will be unable to do this as it prevents the source from beginning another session when the current one is active.
· Server traffic monitors or attempts to block out traffic on the server level will not work as there are made barely any interactions made between the respective servers for the spam to be generated.
· Utilize Google Analytics bot filtering feature. When put to the test it does not work as it was not created to handle such issues in the first place.
· Block out entire geographical regions that bring about those spammy referrers. This seems like a bold measure, unfortunately it will not work. The argument is based on that fact that geographical data can be corrupted through the measurement protocol.
A Practically Working Solution
As of now the best way to apply filters your viewer level is by excluding referrer spam and reporting filters among other advanced segments. This can help in blocking out most of the stubborn spammers. You can also create a customized dimension by using this same expression. Once you spot a new referrer spam domain immediately add a vertical line followed by the domains name. You can escape the dots by adding a certain backlash right before them.
In as much as this solution seems viable, remember it is not a permanent remedy as it can be very exhausting. Remember spammers can register many domains faster than you can keep submitting them to your filter regex. Worth noting is that it takes a spammer roughly an hour when setting up a new domain and going about his spamming business. On the other hand it takes hundreds or even thousands of marketing specialists to comprehensively audit through stats so as to pinpoint out the malicious traffic and update their filters accordingly. That’s why this strategy is regarded as a short term solution.
Currently if you manage more than one Google Analytic account it is highly recommended that you check out Googles fully automated problem tracking tool known as Auto Spam Filters tool. It not only safeguards your site from receiving referrer spam but it also keeps off ghost traffic. Its filters undergo continuous updates to protect it from new spammers who show up.
The Internets’ referrer spam situation keeps getting worse with every passing day. Unfortunately, Google has been unable to come up with a clear solution on how we can tackle this issue once and for all. Web users have got no choice but to arrive at their own solutions. One way of going about this issue is by deploying an extra filter to client accounts to block out entry of new spam. The filter is one that agrees to hostname traffic that meets a certain set of values. So how can you set it up?
1. First check out your hostname report and specify a certain date range, preferably one that exceeds a month. This will narrow down the hostnames you should include.
2. Secondly, construct the filter by using some basic regex. Ensure that you get this filter right others you might interfere with your statistics. Remember, it might require frequent maintenance too. For instance, when you are adding new (third-party) domain names or moving domain names. The Auto Spam Filter tool can be used to protect and eliminate any other referrer spam or ghost traffic.
Is A Long Solution Possible at the Moment?
As long as authentication mechanisms are capable of pointing out who may send data to a specific UA-ID, then it is possible. Unfortunately Google Analytics operates under the precipice of a JS tracking or measurement protocol both of which rely on an unidentified client machine sending out the HTTP request. Based on those undeniable facts, it is subject to corruption through spoofing or forgery. There seems to be no remedy for this issue that does not touch on altering the very foundation of how Google Analytics operates significantly.
As early as 2013 Google was already aware of this predicament. Proof of their acknowledgement of this problem was from a reply made by Nick Michailvoski who is one of the top minds in the Google Analytics team. Unless the company decides to drastically alter the very structure of Google Analytics tracking system the problem of referrer spams will not be going away anytime soon. All we ca do is try our best to minimize it.
So, is this an Ongoing Process?
At the moment, it seems so. Following the two solutions mentioned above does not guarantee you any form of protection from them. Just as it was earlier mentioned, web spam is here to stay. Web spam keeps on evolving as spammers discover different methods of effectively delivering their referrer spams. They can even use differing hostnames to send them out. Being informed on the predicament that are referrer spams you should consider using hostname inclusion filters, HTaccess restrictions and up to date referrer exclusion filters.
What next after referrer spam?
Always have in mind that the ease in which referrer spam can be sent out can encourage the senders to carry out mischievous activities. As of now, the integrity of Google Analytics data is vulnerable. Based on the facts we have just outlined, it seems an attacker has several more attack options at his disposal than the receiver who is playing defense.
Referrer spam can be very irritating to website owners. It can give you the false impression that your website is drawing in a lot of traffic. Such misinformation can cloud your judgement when making important decisions that might affect your business.
It seems Google is not investing much time energy and resources into preventing spammers from interfering with your stats. That is why we are left with no choice but to block them out as much as we can with the exclude filters.
Analytics Toolkit might be the best bet for business owners who want to ascertain the credibility of their stats. It is equipped with auto spam filters which keep off a good amount of referrer spam. Other analytics and SEO tools are also provided by it. Its price range starts from $15.
April 15, 2018
January 10, 2019